Windwos 2003 DC Promo - Demote AD/DNS Server without Removing DNS

Hi all I have a widows 2003 server running AD/DNS that i would like to remove AD from and just leave the DNS intact. The last time i tried this with a similar box when i ran dcpromo it removed AD like i wanted and also DNS which was unintended and i had to scramble to recreate my dns back to the the way it was originally setup. Now i do know that i can juggle dns around and move it first to another box and then after that settles out then demote the AD using dcpromo and then move dns back to this box which will be its permanent home BUT I am lazy and i would like to know if i can skip all that and just remove AD without having to move remove and reinstall dns....

To have an ACTIVE DIRECTORY iINTEGRATED zone, your machine MUST be an Active Directory Domain Controller (DC). The DNS zone information is stored in AD and replicated with the other AD information (GPO, user information, security info, etc).

You can have a standard primary or secondary zone on a plain member server, but it doesn't sound like what you are looking for.

It sounds like you may have only one DNS server (and one Domain Controller?) in your environment? If so, I would recommend setting up another DC/DNS server - requirements are basic: you can use a very old server or PC grade hardware, but at least you have another copy of your AD/DNS somewhere.

You should also make a backup of your SYSTEM STATE INFORMATION using the built in NT Backup. It is very simple and fast, and you can backup to your hard drive. THis contains your entire DNS/domain security information (user accts, etc) in one file.

Hi
thank you for your feedback
I would like to add some more info here in an effort to help clarify.
I do have Active Directory integrated DNS and it has worked well for us
I also recognize that the information is stroed in AD
We do have 2 dns servers that are active directory integrated and also 1 that has standard primary and one that has secondary zones
We also have 3 AD Controllers

I think i may see the answer in your response so let me run this by you hopefully i will get it right

If i want to split my dns from my acitve directory i can no longer use active directory intergation, so if i demote a ad box it will always uninstall dns??
or
if i change the dns server to standard primary before i demote active directory on that box will it leave dns alone when i dcpromo to demote? or will it always uninstall dns when i do the dcpromo -demote

I am not 100% sure if it will ALWAYS uninstall DNS Server. I am curious what would happen if you had MANUALLY installed DNS server - then done DCPROMO (ie the DCPROMO would not have installed DNS and thus may not uninstall it) but that is besides the point for you.

If the zone you are concerned with is in fact your AD DNS ZOne (example: yourinternaldomain.local) then I would not suggest converting it to a PRIMARY DNS zone (if that is in fact somehow possible). If it is just a simple zone that happens to be AD Integrated there would be no harm in converting it to a STANDARD PRIMARY.

From there, you can grab the ZONE file from \windows\system32\dns (just copy the txt file) to back it up - or you can setup a secondary DNS server and have it replicated there.

thanks guy for your feedback
this server has about 15 forwad and reverse zones and what i was hoping was to not have to move dns around at all in order to remve AD
i still have to verify that what you first said was correct (NO AD = NO ADintegrated dns) i swear i once had a box that was a standalone dns server and was able to do active directory integration from that box but i could be wrong

My thought is this- I would assume that DNS will be removed. If it is not removed, you will be pleasantly suprised. If it is removed, you will be prepared:

1. Copy the DNS folder which contains all the zone files, verify they are in there.

2. If you have another DNS server (or can set one up temporarily) set that as secondary to these zones, allow xfers from primary, and the zones will then be on the secondary server. Then change the zones to primary there.

then run dcpromo and see what happens.

Even if you get a definite answer to your question above, wouldn't you want a backup just_in_case that person is wrong?

Just about everyone has an old PC laying around. Ask anyone in the IT industry, whether they are a professional or play in it as a hobby. From outdated Desktops to cheap "throwaway" laptops, they are all around and not as hard to "fix up" as you m…

Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…

This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…